“personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
“controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
“processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
“consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. 2. Who is the person determining the purposes and means of the processing?
The legal person that determines the purposes and means of the processing of personal data is Delphi Labs Ltd, with principal office in the British Virgin Islands, email firstname.lastname@example.org
3. Why do we process your data?
We collect, process, and use personal data on our Site in order to offer you better products and services, best adapt our business processes to the users’ needs, and steer you to the most suitable product information and online applications.
In particular, data is processed in order to:
- provide our services efficiently and effectively;
- develop, enhance, market and deliver products and services to you;
- find bugs;
- understand your needs and your eligibility for products and services;
- conduct surveys.
Moreover, we may directly or indirectly collect and temporarily store personally identifiable information for operational purposes, including for the purpose of identifying blockchain addresses or IP addresses that may indicate use of the Site from prohibited jurisdictions or by sanctioned persons or other prohibited uses.
4. Which personal data do we process?
When using the Site, we usually only collect the personal data that your browser transmits to our server. When you view our Site, we collect the following data:
- IP address;
- Browser type (e.g. Google Chrome, Firefox);
- Device resolution;
- Type of device;
- Device name (e.g. iPhone 12 Pro Max);
- Device brand;
- Operating system and version (e.g. Windows 10);
- Returning visitor or not;
- The origin point of traffic (Direct link or search engine);
- Geographic location.
In order to ameliorate your user experience, once you access the Site, we use local storage data to define the displayed language, identify your wallet, enable or disable animations and activate or deactivate tutorials.
6. Retention of Personal Data
7. Security, Protection and Use of Personal Data
Delphi constantly implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
- the pseudonymization and encryption of Personal Data;
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
- a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
The security measures in place will, from time to time, be reviewed in line with legal and technical developments.
8. Recipients of Personal Data
We also reserve the right to disclose personal data that Delphi believes, in good faith, is appropriate or necessary to enforce our Terms of Service, take precautions against liability or harm, to investigate and respond to third-party claims or allegations, to respond to a court order or official requests, to protect security or integrity of Delphi and to protect the rights, property or safety of Delphi, our users or others.
9. Data Subjects’ Rights The user has the right to obtain confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and all the relevant information. With respect to other categories of rights that might be exercised depending on the place where you are located, please consider Section 14 below.
10. Users Under Age According to the Site’s Terms of Service users must be at least eighteen years of age, of sound mental capacity and have all technical knowledge necessary or advisable to understand and evaluate the risks of the Site
Delphi does not knowingly collect or store any personal information about users under 16. If you believe such information has been inadvertently processed, we will take necessary steps to remove such information from our database.
11. Social Plugins The Site uses social plugins from the social networking sites. If you access the Site using such a plugin, your browser will contact the server of the underlying social networking site, load the visual presentation of the plugin, and present it to you. While this is happening, the social networking site receives information concerning your visit to our Site, as well as further data such as your IP address.
14. Additional information for users located in the European Economic Area and in the United Kingdom
B. Lawful Basis for the Processing of Personal Data
The GDPR requires a “lawful basis” for processing personal data. In principle, our lawful basis is established by Art. 6(1)(b) GDPR as the processing is necessary for accessing the services of the Site. Moreover, pursuant to Art. 6(1)(f), the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, in matters related to crimes and legal compliance and in order to ameliorate the efficiency and the user experience of the Site. Where you have given your specific consent, according to Art. 6(1)(a) GDPR, we may also use your data for specific purposes that will be outlined from time to time. This will especially happen in case of 1 to 1 interviews and testings conducted with users.
C. Data Subjects’ Rights
According to the GDPR, the user has also the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her (Art. 16 GDPR); the right to obtain the erasure of personal data concerning him or her without undue delay in one of the situations outlined in Art. 17 GDPR; the right to obtain from the controller restriction of processing in accordance with Art. 18 GDPR; the right to data portability in accordance with Art. 20 GDPR.
The user has further the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (Art. 21 GDPR).
Please consider that data committed to blockchains cannot be altered or eliminated. If you want to know more about the potential application of GDPR provisions to public blockchains and distributed ledgers please consult the study commissioned by the European Parliament.
In the event that you wish to exercise any of your above rights, please contact email@example.com